iris – Page 4 – Bredemarket

The Big 3, or 4, or 5? Through the Years

On September 30, FindBiometrics and Acuity Market Intelligence released the production version of the Biometric Digital Identity Prism Report. You can request to download it here.

From https://findbiometrics.com/prism/ as of 9/30/2023.

Central to the concept of the Biometric Digital Identity Prism is the idea of the “Big 3 ID,” which the authors define as follows:

These firms have a global presence, a proven track record, and moderate-to-advanced activity in every other prism beam.
From “The Biometric Digital Identity Prism Report, September 2023.”

The Big 3 are IDEMIA, NEC, and Thales.

Whoops, wrong Big Three, although the Soviet Union/Russia and the United Kingdom have also been heavily involved in fingerprint identification. By U.S. Signal Corps photo. – http://hdl.loc.gov/loc.pnp/cph.3a33351 http://teachpol.tcnj.edu/amer_pol_hist/thumbnail381.html, Public Domain, https://commons.wikimedia.org/w/index.php?curid=538831

But FindBiometrics and Acuity Market Intelligence didn’t invent the Big 3. The concept has been around for 40 years. And two of today’s Big 3 weren’t in the Big 3 when things started. Oh, and there weren’t always 3; sometimes there were 4, and some could argue that there were 5.

So how did we get from the Big 3 of 40 years ago to the Big 3 of today?

The Big 3 in the 1980s

Back in 1986 (eight years before I learned how to spell AFIS) the American National Standards Institute, in conjunction with the National Bureau of Standards, issued ANSI/NBS-ICST 1-1986, a data format for information interchange of fingerprints. The PDF of this long-superseded standard is available here.

Cover page of ANSI/NBS-ICST 1-1986. PDF here.

When creating this standard, ANSI and the NBS worked with a number of law enforcement agencies, as well as companies in the nascent fingerprint industry. There is a whole list of companies cited at the beginning of the standard, but I’d like to name four of them.

De La Rue Printrak, Inc.
Identix, Inc.
Morpho Systems
NEC Information Systems, Inc.

While all four of these companies produced computerized fingerprinting equipment, three of them had successfully produced automated fingerprint identification systems, or AFIS. As Chapter 6 of the Fingerprint Sourcebook subsequently noted:

De La Rue Printrak (formerly part of Rockwell, which was formerly Autonetics) had deployed AFIS equipment for the U.S. Federal Bureau of Investigation and for the cities of Minneapolis and St. Paul as well as other cities. Dorothy Bullard (more about her later) has written about Printrak’s history, as has Reference for Business.
Morpho Systems resulted from French AFIS efforts, separate from those of the FBI. These efforts launched Morpho’s long-standing relationship with the French National Police, as well as a similar relationship (now former relationship) with Pierce County, Washington.
NEC had deployed AFIS equipment for the National Police Academy of Japan, and (after some prodding; read Chapter 6 for the story) the city of San Francisco. Eventually the state of California obtained an NEC system, which played a part in the identification of “Night Stalker” Richard Ramirez.

Richard Ramirez mug shot, taken on 12 December 1984 after an arrest for car theft. By Los Angeles Police Department – [1], Public Domain, https://commons.wikimedia.org/w/index.php?curid=29431687

After the success of the San Francisco and California AFIS systems, many other jurisdictions began clamoring for AFIS of their own, and turned to these three vendors to supply them.

The Big 4 in the 1990s

But in 1990, these three firms were joined by a fourth upstart, Cogent Systems of South Pasadena, California.

While customers initially preferred the Big 3 to the upstart, Cogent Systems eventually installed a statewide system in Ohio and a border control system for the U.S. government, plus a vast number of local systems at the county and city level.

Between 1991 and 1994, the (Immigfation and Naturalization Service) conducted several studies of automated fingerprint systems, primarily in the San Diego, California, Border Patrol Sector. These studies demonstrated to the INS the feasibility of using a biometric fingerprint identification system to identify apprehended aliens on a large scale. In September 1994, Congress provided almost $30 million for the INS to deploy its fingerprint identification system. In October 1994, the INS began using the system, called IDENT, first in the San Diego Border Patrol Sector and then throughout the rest of the Southwest Border.
From https://oig.justice.gov/reports/plus/e0203/back.htm

I was a proposal writer for Printrak (divested by De La Rue) in the 1990s, and competed against Cogent, Morpho, and NEC in AFIS procurements. By the time I moved from proposals to product management, the next redefinition of the “big” vendors occurred.

The Big 3 in 2003

There are a lot of name changes that affected AFIS participants, one of which was the 1988 name change of the National Bureau of Standards to the National Institute of Standards and Technology (NIST). As fingerprints and other biometric modalities were increasingly employed by government agencies, NIST began conducting tests of biometric systems. These tests continue to this day, as I have previously noted.

One of NIST’s first tests was the Fingerprint Vendor Technology Evaluation of 2003 (FpVTE 2003).

From https://www.nist.gov/itl/iad/image-group/fingerprint-vendor-technology-evaluation-fpvte-2003

For those who are familiar with NIST testing, it’s no surprise that the test was thorough:

FpVTE 2003 consists of multiple tests performed with combinations of fingers (e.g., single fingers, two index fingers, four to ten fingers) and different types and qualities of operational fingerprints (e.g., flat livescan images from visa applicants, multi-finger slap livescan images from present-day booking or background check systems, or rolled and flat inked fingerprints from legacy criminal databases).
From https://www.nist.gov/itl/iad/image-group/fingerprint-vendor-technology-evaluation-fpvte-2003

Eighteen vendors submitted their fingerprint algorithms to NIST for one or more of the various tests, including Bioscrypt, Cogent Systems, Identix, SAGEM MORPHO (SAGEM had acquired Morpho Systems), NEC, and Motorola (which had acquired Printrak). And at the conclusion of the testing, the FpVTE 2003 summary (PDF) made this statement:

Of the systems tested, NEC, SAGEM, and Cogent produced the most accurate results.

Which would have been great news if I were a product manager at NEC, SAGEM, and Cogent.

Unfortunately, I was a product manager at Motorola.

The effect of this report was…not good, and at least partially (but not fully) contributed to Motorola’s loss of its long-standing client, the Royal Canadian Mounted Police, to Cogent.

The Big 3, 4, or 5 after 2003

So what happened in the years after FpVTE was released? Opinions vary, but here are three possible explanations for what happened next.

Did the Big 3 become the Big 4 again?

Now I probably have a bit of bias in this area since I was a Motorola employee, but I maintain that Motorola overcame this temporary setback and vaulted back into the Big 4 within a couple of years. Among other things, Motorola deployed a national 1000 pixels-per-inch (PPI) system in Sweden several years before the FBI did.

Did the Big 3 remain the Big 3?

Motorola’s arch-enemies at Sagem Morpho had a different opinion, which was revealed when the state of West Virginia finally got around to deploying its own AFIS. A bit ironic, since the national FBI AFIS system IAFIS was located in West Virginia, or perhaps not.

Anyway, Motorola had a very effective sales staff, as was apparent when the state issued its Request for Proposal (RFP) and explicitly said that the state wanted a Motorola AFIS.

That didn’t stop Cogent, Identix, NEC, and Sagem Morpho from bidding on the project.

After the award, Dorothy Bullard and I requested copies of all of the proposals for evaluation. While Motorola (to no one’s surprise) won the competition, Dorothy and I believed that we shouldn’t have won. In particular, our arch-enemies at Sagem Morpho raised a compelling argument that it should be the chosen vendor.

Their argument? Here’s my summary: “Your RFP says that you want a Motorola AFIS. The states of Kansas (see page 6 of this PDF) and New Mexico (see this PDF) USED to have a Motorola AFIS…but replaced their systems with our MetaMorpho AFIS because it’s BETTER than the Motorola AFIS.”

But were Cogent, Motorola, NEC, and Sagem Morpho the only “big” players?

Did the Big 3 become the Big 5?

While the Big 3/Big 4 took a lot of the headlines, there were a number of other companies vying for attention. (I’ve talked about this before, but it’s worthwhile to review it again.)

Identix, while making some efforts in the AFIS market, concentrated on creating live scan fingerprinting machines, where it competed (sometimes in court) against companies such as Digital Biometrics and Bioscrypt.
The fingerprint companies started to compete against facial recognition companies, including Viisage and Visionics.
Oh, and there were also iris companies such as Iridian.
And there were other ways to identify people. Even before 9/11 mandated REAL ID (which we may get any year now), Polaroid was making great efforts to improve driver’s licenses to serve as a reliable form of identification.

In short, there were a bunch of small identity companies all over the place.

But in the course of a few short years, Dr. Joseph Atick (initially) and Robert LaPenta (subsequently) concentrated on acquiring and merging those companies into a single firm, L-1 Identity Solutions.

From https://www.officer.com/investigations/forensics/company/10037062/l1-identity-solutions-inc

These multiple mergers resulted in former competitors Identix and Digital Biometrics, and former competitors Viisage and Visionics, becoming part of one big happy family. (A multinational big happy family when you count Bioscrypt.) Eventually this company offered fingerprint, face, iris, driver’s license, and passport solutions, something that none of the Big 3/Big 4 could claim (although Sagem Morpho had a facial recognition offering). And L-1 had federal contracts and state contracts that could match anything that the Big 3/Big 4 offered.

So while L-1 didn’t have a state AFIS contract like Cogent, Motorola, NEC, and Sagem Morpho did, you could argue that L-1 was important enough to be ranked with the big boys.

So for the sake of argument let’s assume that there was a Big 5, and L-1 Identity Solutions was part of it, along with the three big boys Motorola, NEC, and Safran (who had acquired Sagem and thus now owned Sagem Morpho), and the independent Cogent Systems. These five companies competed fiercly with each other (see West Virginia, above).

In a two-year period, everything would change.

The Big 3 after 2009

Hang on to your seats.

The Motorola RAZR was hugely popular…until it wasn’t. Eventually Motorola split into two companies and sold off others, including the “Printrak” Biometric Business Unit. By NextG50 – Own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=130206087

By 2009, Safran (resulting from the merger of Sagem and Snecma) was an international powerhouse in aerospace and defense and also had identity/biometric interests. Motorola, in the meantime, was no longer enjoying the success of its RAZR phone and was looking at trimming down (prior to its eventual, um, bifurcation). In response to these dynamics, Safran announced its intent to purchase Motorola’s Biometric Business Unit in October 2008, an effort that was finalized in April 2009. The Biometric Business Unit (adopting its former name Printrak) was acquired by Sagem Morpho and became MorphoTrak. On a personal level, Dorothy Bullard moved out of Proposals and I moved into Proposals, where I got to work with my new best friends that had previously slammed Motorola for losing the Kansas and New Mexico deals. (Seriously, Cindy and Ron are great folks.)
By 2010, the fiercely independent Cogent was independent no more, having been acquired by 3M. (NEC thought about buying Cogent but didn’t.)
By 2011, Safran decided that it needed additional identity capabilities, so it acquired L-1 Identity Solutions and renamed the acquisition as MorphoTrust.

If you’re keeping notes, the Big 5 have now become the Big 3: 3M, Safran, and NEC (the one constant in all of this).

While there were subsequent changes (3M sold Cogent and other pieces to Gemalto, Safran sold all of Morpho to Advent International/Oberthur to form IDEMIA, and Gemalto was acquired by Thales), the Big 3 has remained constant over the last decade.

And that’s where we are today…pending future developments.

If Alphabet or Amazon reverse their current reluctance to market their biometric offerings to governments, the entire landscape could change again.
Or perhaps a new AI-fueled competitor could emerge.

The 1 Biometric Content Marketing Expert

This was written by John Bredehoft of Bredemarket.

If you work for the Big 3 or the Little 80+ and need marketing and writing services, the biometric content marketing expert can help you. There are several ways to get in touch:

Book a meeting with me at calendly.com/bredemarket. Be sure to fill out the information form so I can best help you.

Email me at john.bredehoft@bredemarket.com.
Contact me at bredemarket.com/contact/.
Subscribe to my mailing list at http://eepurl.com/hdHIaT.

More on NIST’s FRTE-FATE Split

(Part of the biometric product marketing expert series)

I’ve talked about why NIST separated its FRVT efforts into FRTE and FATE.

But I haven’t talked bout how NIST did this.

And as you all know, the second most important question after why is how.

Why the great renaming took place

As I noted back in August, NIST chose to split its Face Recognition Vendor Test (FRVT) into two parts—FRTE (Face Recognition Technology Evaluation) and FATE (Face Analysis Technology Evaluation).

From https://www.nist.gov/programs-projects/face-technology-evaluations-frtefate

At the time, NIST explained why it did this:

To bring clarity to our testing scope and goals
From https://www.nist.gov/programs-projects/face-technology-evaluations-frtefate

In essence, the Face Recognition Vendor Test had become a hodgepodge of different things. Some of the older tests were devoted to identification of individuals (face recognition), while some of the newer tests were looking at issues other than individual identification (face analysis).

Of course, this confusion between identification and non-identification is nothing new, which is why some of the people who read Gender Shades falsely concluded that if the three algorithms couldn’t classify people by sex or race, they couldn’t identify them as individuals.

But I digress. (I won’t do it again.)

NIST explained at the time:

Tracks that involve the processing and analysis of images will run under the FATE activity, and tracks that pertain to identity verification will run under FRTE.
From https://www.nist.gov/programs-projects/face-technology-evaluations-frtefate

How the great renaming happened in practice

What is in FRTE?

To date, most of my personal attention (and probably most of yours) was paid to what was previously called FRVT 1:1 and FRVT 1:N.

These two tests are now part of FRTE, and were simply renamed to FRTE 1:1 and FRTE 1:N. They’ve even (for now) retained the same URLs, although that may change in the future.

Other tests that are now part of the FRTE bucket include:

Face Recognition Technology Evaluation: Demographic Effects in Face Recognition. This is the “bias” test, but oriented toward individual identification rather than “gender shades”-like classification.
Face Recognition Technology Evaluation (FRTE) Face Mask Effects. Again, this evaluates how face masks affect individual identification.
FRTE Paperless Travel.
Face Recognition Technology Evaluation (FRTE) Twins Demonstration.

The “Still Face and Iris 1:N Identification” effort (PDF) has apparently also been reclassified as an FRTE effort.

What is in FATE?

Obviously, presentation attack detection (PAD) testing falls into the FATE category, since this does not measure the identification of an individual, but whether a person is truly there or not. The first results have been released; I previously wrote about this here.

The next obvious category is age estimation testing, which again does not try to identify an individual, but estimate how old the person is. This testing has not yet started, but I talked about the concept of age estimation previously.

Other parts of FATE include:

Face Analysis Technology Evaluation (FATE) MORPH. This is intended to detect morphed or blended faces, a detection issue that is not necessarily black or white. (More on morphing later.)
Face Analysis Technology Evaluation (FATE) Quality. NIST released the initial report for this test at the same time that it released the first PAD report.

It is very possible that NIST will add additional FRTE and FATE tests in the future. These may be brand new tests, or variations of existing tests. For example, when all of us started wearing face masks a couple of years ago, NIST simulated face masks on its existing facial images and created the data for the face mask test described above.

What do you think NIST should test next, either in the FRTE or the FATE category?

More on morphing

And yes, I’m concluding this post with this video. By the way, this is the full version that (possibly intentionally) caused a ton of controversy and was immediately banned for nearly a quarter century. The morphing starts at 5:30. The crotch-grabbing starts right after the 7:00 mark.

From https://www.youtube.com/watch?v=pTFE8cirkdQ

But on a less controversial note, let’s give equal time to Godley & Creme.

From https://www.youtube.com/watch?v=ypMnBuvP5kA

Perhaps because of the lack of controversy with Godley & Creme’s earlier effort, Ashley Clark prefers it to the later Michael Jackson/John Landis effort.

Whereas Godley & Creme used editing technology to embrace and reflect the ambiguous murk of thwarted love, Jackson and Landis imposed an artificial sheen on the complexity of identity; a sheen that feels poignant if not outright tragic in the wake of Jackson’s ultimate appearance and fate. Really, it did matter if he was black or white.
From https://ashleyclark.substack.com/p/black-or-white-and-crying-all-over

But I digress. (I lied.)

Sadly, morphing escaped from the hands of music video directors and artists and entered the world of fraudsters, as Regula explains.

From https://regulaforensics.com/blog/facial-morphing/

One of the main application areas of facial morphing for criminal purposes is forging identity documents. The attack targets face-based identity verification systems and procedures. Most often it involves passports; however, any ID document with a photo can be compromised.

One well-known case happened in 2018 when a group of activists merged together a photo of Federica Mogherini, the High Representative of the European Union for Foreign Affairs and Security Policy, and a member of their group. Using this morphed photo, they managed to obtain an authentic German passport.
From https://regulaforensics.com/blog/facial-morphing/

Which is why NIST didn’t just cry about the problem. They tested it to assist the vendors in solving the problem.

The Secret to Beating Half of All Fortune 500 Marketers and Growing Your Business

(Updated blog post count 10/23/2023)

Always take advantage of your competitors’ weaknesses.

This post describes an easy way to take advantage of your competitors. If they’re not blogging, make sure your firm is blogging. And the post provides hard numbers that demonstrate why your firm should be blogging.

Who uses blogging?

According to an infographic using 2017 data, 50% of the top 200 Fortune 500 companies had a public corporate blog.

Excerpt from the infographic at https://www.dailyinfographic.com/state-of-blogging-industry, cited by https://blog.hubspot.com/marketing/business-blogging-in-2015

Which means that half of those companies don’t have a public corporate blog.

The same infographic also revealed the following:

86% of B2B companies are blogging. (Or, 14% are not.)
68% of social media marketers use blogs in their social media strategy. (Or, 32% don’t.)
45% of marketers saying blogging is the #1 most important piece of their content strategy.
Small businesses under 10 employees allocate 42% of their marketing budget to content marketing.

So obviously some firms believe blogging is important, while others don’t.

What difference does this make for your firm?

What results do blogging companies receive?

In my view, the figures above are way too low. 100% of all Fortune 500 companies, 100% of B2B companies should be blogging, and 100% of social media marketers should incorporate blogging.

Why? Because blogging produces tangible results.

Blogging produces awareness

Blogging is an ideal way to promote awareness of your firm and its offerings. From the same infographic:

77% of internet users read blogs.
Internet users in the US spend 3x more time on blogs than they do on email.
Companies who blog receive 97% more links to their websites.
70% of consumers learn about a company through articles rather than ads.
The average company that blogs generates 55% more website visitors.

Blogging produces leads

Awareness is nice, but does awareness convert into leads?

Small businesses that blog get 126% more lead growth than those who don’t.
B2B marketers that use blogs get 67% more leads than those who do not.

Blogging produces conversions

From https://www.youtube.com/watch?v=B8EnslW6Uao

Getting leads from blogging is nice, but show me the money! What about conversions?

Marketers who have prioritized blogging are 13x more likely to enjoy positive ROI.
92% of companies who blog multiple times per day have acquired a customer from their blog.

Take a look at those last two bullets related to conversion again. Blogging is correlated with positive ROI (I won’t claim causation, but anecdotally I believe it), and blogging helps firms acquire customers. So if your firm wants to make money, get blogging.

What should YOUR company do?

With numbers like this, shouldn’t all companies be blogging?

But don’t share these facts with your competitors. Keep them to yourself so that you gain a competitive advantage over them.

Now you just need to write those blog posts.

How can I help?

And if you need help with the actual writing, I, John E Bredehoft of Bredemarket, can help.

I’ve written more than 500 business blog posts.
I can create blog content that has an immediate business impact, is easy to reshare, and is easy to repurpose as other content.

From Sandeep Kumar, A. Sony, Rahul Hooda, Yashpal Singh, in Journal of Advances and Scholarly Researches in Allied Education | Multidisciplinary Academic Research, “*Multimodal Biometric Authentication System for Automatic Certificate Generation*.”

If you are in the identity/biometric industry, my identity blog post writing experience benefits firms who identify individuals via fingers, faces, irises, DNA, driver’s licenses, geolocation, and many other factors and modalities. I truly am a biometric content marketing expert and an identity content marketing expert.
And if you’re not in the identity/biometric industry, my general content marketing expertise also applies to technology firms and general business firms.
I ask you critical questions before I start blogging, to ensure you get the right content.
I collaborate with you throughout the process to ensure the blog post is on target and meets your goals.

By Unknown author – postcard, Public Domain, https://commons.wikimedia.org/w/index.php?curid=7691878

In most cases, I can provide your blog post via my standard package, the Bredemarket 400 Short Writing Service. I offer other packages and options if you have special needs.

Authorize Bredemarket, Ontario California’s content marketing expert, to help your firm produce words that return results.

Email me at john.bredehoft@bredemarket.com.
Book a meeting with me at calendly.com/bredemarket.
Contact me at bredemarket.com/contact/.
Subscribe to my mailing list at http://eepurl.com/hdHIaT.

Worldcoin’s “Face/Off” With Authorities in Argentina and Kenya (and alarmists worldwide)

Victoria Gardens, Rancho Cucamonga, California, August 12, 2023.

Can someone pretend to be you if they have no idea who you are?

It’s been a couple of weeks since I last addressed Worldcoin’s activities, but a lot has happened in Kenya, and now in Argentina also. Here’s a succinct (I hope) update that looks beyond the blaring headlines to see what is REALLY happening.

And, at the end of this post, I address what COULD happen if a fraudster “cut off someone’s face, including gouging out their eyes, and then you draped it all over your own face.” Hey, you have to consider ALL the use cases.

From https://blockworks.co/news/worldcoin-privacy-concerns

Argentina and data protection laws

So what is the reality in Argentina? According to CoinDesk, the Argentine Agency for Access to Public Information (AAIP) is conducting an investigation into WorldCoin.

According to the AAIP, an entity like Worldcoin must register with the AAIP, provide information about its data processing policy, and indicate the purpose for collecting sensitive data and the retention period for such data. Additionally, the agency requires details of the security and confidentiality measures applied to safeguard personal information. The AAIP did not confirm whether Worldcoin complies with the standards.

Worldcoin told CoinDesk in an emailed statement that “the project complies with all laws and regulations governing the processing of personal data in the markets where Worldcoin is available, including but not limited to Argentina’s Personal Data Protection Act 25.326.”
From https://www.coindesk.com/policy/2023/08/10/worldcoin-regulatory-scrutiny-grows-as-argentina-opens-investigation/

From http://servicios.infoleg.gob.ar/infolegInternet/anexos/60000-64999/64790/norma.htm

But what is this “personal data” that concerns Argentina so much?

The data that Worldcoin collects

Now a number of companies need to comply with local privacy regulations in numerous countries, and Worldcoin obviously must obey the law in the countries where it conducts business, including laws about personally identifiable information (PII). For illustration, here is an incomplete list of examples of PII, compiled by the University of Pittsburgh:

Name: full name, maiden name, mother’s maiden name, or alias

Personal identification numbers: social security number (SSN), passport number, driver’s license number, taxpayer identification number, patient identification number, financial account number, or credit card number

Personal address information: street address, or email address

Personal telephone numbers

Personal characteristics: photographic images (particularly of face or other identifying characteristics), fingerprints, or handwriting

Biometric data: retina scans, voice signatures, or facial geometry

Information identifying personally owned property: VIN number or title number

Asset information: Internet Protocol (IP) or Media Access Control (MAC) addresses that consistently link to a particular person
From https://www.technology.pitt.edu/help-desk/how-to-documents/guide-identifying-personally-identifiable-information-pii

To my knowledge, Worldcoin acquires PII in two separate instances: when downloading the World App, and when registering at an Orb.

Data collected by the World App

First, Worldcoin collects data when you download the World App. The data that is collected by the iOS version of the World App includes a user ID, the user’s coarse location, a name, contacts, and a phone number. I’ll admit that the collection of contacts is a little odd, but let’s see what happens to that data later in the process.

World App (iOS) privacy information as of August 18, 2023. From https://apps.apple.com/no/app/world-app-worldcoin-wallet/id1560859847

Data collected by the Orb

Second, Worldcoin collects data when you enroll at an Orb.

From https://worldcoin.org/blog/worldcoin/orb-faqs

Obviously the Orb collects iris images, and also collects face images. But what else is collected at the Orb?

Nothing.

Worldcoin documents two use cases in its privacy statement: one “without data custody,” and one “with data custody.” In the first use case:

Your biometric data is first processed locally on the Orb and then permanently deleted. The only data that remains is your iris code. This iris code is a set of numbers generated by the Orb and is not linked to your wallet or any of your personal information. As a result, it really tells us — and everyone else — nothing about you. All it does is stop you from being able to sign up again.
From https://worldcoin.org/privacy

But what about the second use case, in which the user consents to have Worldcoin retain information (so that the user does not have to re-enroll if they get a new phone)?

Your biometric data is first processed locally on the Orb and then sent, via encrypted communication channels, to our distributed secure data stores, where it is encrypted at rest. Once it arrives, your biometric data is permanently deleted from the Orb.
From https://worldcoin.org/privacy

Regardless of whether biometric data is retained or not, other PII isn’t even collected at the Orb:

Since you are not required to provide personal information like your name, email address, physical address or phone number, this means that you can easily sign up without us ever knowing anything about you.
From https://worldcoin.org/privacy

“But John,” you’re saying, “names and phone numbers are not collected at the Orb, but names and phone numbers ARE collected by the World App. So how are the name, phone number, user ID, and ‘iris code’ linked together?” Let me reprint what Worldcoin says about the app:

Your Worldcoin App is your self-custodial wallet. That means, just like a physical wallet, that no banks, governments or corporations can do anything to it — like lose or freeze your money — you’re in complete control.

You also don’t need to enter any personal information to get or use the App. But even if you do, you can rest assured that, unlike others, we will never sell or try to profit from your personal information.
From https://worldcoin.org/privacy

So apparently, while the World App asks for your name, it is not a mandatory field. I just confirmed this on my World App (which I enabled on May 16, without orb verification); the only identifying information that I could find was my phone number and my user ID.

And I’m assuming that if I were to enroll at an Orb, the iris code would be linked to my user ID.

Depending upon Worldcoin’s internal architecture:

It’s possible that the iris code could be linked to my phone number, either intentionally or unintentionally. But even if it is, an iris code in and of itself is useless outside of the Worldcoin ecosystem. In the same way that an Aware, IDEMIA, NEC, or Thales fingerprint template (not the fingerprint image) can’t be used to generate a full fingerprint image, a Worldcoin iris code can’t be used to generate a full iris image.
If I choose the “with data custody” option, my biometric images could be linked to my phone number. Again, they could be linked either intentionally or unintentionally. If such a linkage exists, then that IS a problem. If a user chooses to back up both their World App data and their Orb biometric image data with Worldcoin (and again, the user must CHOOSE to back up both sets of data), how does Worldcoin ensure that the two sets of data can’t be linked?

Presumably Argentina’s AAIP will investigate Worldcoin’s architecture to ensure that there are no financial identity threats.

Which leads us to Kenya.

Kenya and data protection laws

When we last visited Kenya and Worldcoin on August 2, the government had announced that “(r)elevant security, financial services and data protection agencies have commenced inquiries and investigations to establish the authenticity and legality of the aforesaid activities, the safety and protection of the data being harvested, and how the harvesters intend to use the data.”

Those investigations continue, Worldcoin’s Kenya offices have been raided, and Parliament is angry at the regulatory authorities…for not doing enough. The article that reports this states that the Data Protection Unit feels it is not responsible for investigating the “core business” of the registered companies, but Parliament feels otherwise.

The article also makes another interesting statement:

…the office failed to conduct background checks on the company, whose operations have been banned in both the United States of America (USA) and Germany.
From https://nation.africa/kenya/news/you-ve-failed-kenyans-mps-tell-data-commissioner-immaculate-kassait-over-worldcoin-saga-4338518

Um, fake fake fake.

Victoria Gardens, Rancho Cucamonga, California, August 12, 2023.

As I previously noted, I can visit an Orb i n Santa Monica, California to register my irises. Last I checked, Santa Monica is still part of the United States of America (USA).

Now what I CAN’T do is obtain some Worldcoin when I register my irises.

In addition, Worldcoin tokens (“WLD”) are not intended to be available for use, purchase, or access by US persons, including US citizens, residents, or persons in the United States, or companies incorporated, located, or resident in the United States, or who have a registered agent in the United States. We do not make WLD available to such US persons. Furthermore, you agree that you will not sell, transfer or make available WLD to US persons.
From User Terms And Conditions, Version 3.10, Effective August 2, 2023, https://worldcoin.pactsafe.io/rkuawsvk5.html#contract-qx3iz24-o

But US persons can still download the app and provide irises to our hearts’ content.

We just can’t get any crypto.

And for the Argentine and Kenyan authorities, the main reason they care about this is the crypto.

Worldcoin is useless for most identification use cases

I’ll make the point that I made before.

Worldcoin is NOT a tool to identify and exploit poor people.

In fact, as the term is commonly understood, Worldcoin does not, and cannot, identify ANYONE.

This is by design.

World ID is a digital passport that lets you prove you are a unique and real person while remaining anonymous.
From https://worldcoin.org/world-id

So if you think that obtaining a World ID will allow you to

open a bank account,
obtain state welfare benefits, or
vote in a local election…

…think again.

Worldcoin CANNOT identify you as a known individual.

It can only establish your uniqueness.

But what about the hacks?

But if you’d like to be unsettled, I’ll close with a quote from another Blockworks article written by someone who visited an Orb in Brooklyn, New York. Last I checked, Brooklyn is still part of the United States of America (USA).

I continued on a darker vein: What if a criminal mastermind decided to cut out someone’s eyes, and use them to steal their identity?

The Orb engineer told me that it wouldn’t work. This Orb needs to see alive, blinking eyes, and a human face that is real attached to them. A picture of someone’s eyes won’t scan, robot eyes won’t scan, canine eyes won’t scan.

But then I got him.

If you cut off someone’s face, including gouging out their eyes, and then you draped it all over your own face, could you register as them with a Worldcoin scanner and steal their identity?

Yes.

Although he promised that the Worldcoin R&D team has not tested this particular edge case.
From https://blockworks.co/news/worldcoin-eyeballs-scan-brooklyn

Fair use. From https://littlebitsofgaming.com/2021/04/06/face-off-the-plot-hole/

(Repeats to myself) Face/Off was only a movie…Face/Off was only a movie…

Kenya Concerns About Worldcoin Data: WHAT Data?

Biometric Update linked to an AFP article (via Africanews) that referenced a statement by the Ministry of the Interior Cabinet Secretary Kithure Kindiki, portions of which were quoted by Citizen Digital.

“Relevant security, financial services and data protection agencies have commenced inquiries and investigations to establish the authenticity and legality of the aforesaid activities, the safety and protection of the data being harvested, and how the harvesters intend to use the data,” read part of the statement.

“Further, it will be critical that assurances of public safety and the integrity of the financial transactions involving such a large number of citizens be satisfactorily provided upfront.”
From https://www.citizen.digital/news/government-suspends-activities-of-worldcoin-citing-safety-concerns-n324708

The big brouhaha has occurred because Worldcoin is using a device called the Orb to collect images of people’s irises.

And Worldcoin is also collecting…

…well, nothing else.

And even the iris image data that Worldcoin DOES collect isn’t retained unless people request it.

Since no two people have the same iris pattern and these patterns are very hard to fake, the Orb can accurately tell you apart from everyone else without having to collect any other information about you — not even your name.

Importantly, the images of you and your iris pattern are permanently deleted as soon as you have signed up, unless you opt in to Data Custody to reduce the number of times you may need to go back to an Orb. Either way, the images are not connected to your Worldcoin tokens, transactions, or World ID.
From https://worldcoin.org/privacy

Ah, but Worldcoin does retain…an iris code. A lot of good THAT’S gonna do a scammer.

Your biometric data is first processed locally on the Orb and then permanently deleted. The only data that remains is your iris code. This iris code is a set of numbers generated by the Orb and is not linked to your wallet or any of your personal information. As a result, it really tells us — and everyone else — nothing about you. All it does is stop you from being able to sign up again.

Since you are not required to provide personal information like your name, email address, physical address or phone number, this means that you can easily sign up without us ever knowing anything about you.
From https://worldcoin.org/privacy

And no, you cannot reverse engineer an iris image from the iris code. In fact, you can’t reverse engineer any biometric image from its biometric template.

And even if you could reverse engineer an iris image, what are you going to do with it? You don’t know who owns it. It probably doesn’t belong to Bill Gates. It probably belongs to an impoverished Kenyan. (Good luck getting that person’s US$2.00. Which they probably already sold.)

Because—and here’s the thing that people forget about Worldcoin—”Worldcoin’s World ID emphasizes privacy so much that it does not conclusively prove a person’s identity (it only proves a person’s uniqueness).” (Link)

So how are governments and companies supposed to use Worldcoin?

Companies could pay Worldcoin to use its digital identity system, for example if a coffee shop wants to give everyone one free coffee, then Worldcoin’s technology could be used to ensure that people do not claim more than one coffee without the shop needing to gather personal data, Macieira said.
From https://www.reuters.com/technology/worldcoin-says-will-allow-companies-governments-use-its-id-system-2023-08-02/

Yup, that’s the use case. To allow 8 billion people to each claim one cup of coffee.

Not just the people who are members of the coffee company’s rewards club.
Not just the people who have purchased a certain amount of coffee.
Not just the people in the United States and Colombia.

Worldcoin can’t do those things, because even Worldcoin doesn’t know anything about its users.

Which means, by the way, that the World ID can’t be used in elections or national/state government welfare benefits distribution.

Sure it can be used to prove that someone hasn’t voted twice, or received benefits under two different names.
But it has no way of knowing whether the individual is qualified to vote or receive benefits. Maybe the person doesn’t live in the local jurisdiction. For voting, maybe the person lives there but is not a citizen. For benefits, maybe the person has too much income to qualify. Worldcoin doesn’t have a clue if any of these things are true.

So apparently the Kenyan authorities are worried that Worldcoin is gathering too much data.

I’m worried that Worldcoin is gathering not enough data for most practical use cases.

Well, unless you want to buy the world a Coke.

From https://www.youtube.com/watch?v=1VM2eLhvsSM

Five Topics a Biometric Content Marketing Expert Needs to Understand

As a child, did you sleep at night dreaming that someday you could become a biometric content marketing expert?

“Someday I will star in a video about a documen t reader!” By Carlos María Herrera – http://www.castells.com.uy/pn_ago06/41-60.htm, Public Domain, https://commons.wikimedia.org/w/index.php?curid=8132604

I didn’t either. Frankly, I didn’t even work in biometrics professionally until I was in my 30s.

If you have a mad adult desire to become a biometric content marketing expert, here are five topics that I (a self-styled biometric content marketing expert) think you need to understand.

Topic One: Biometrics

Sorry to be Captain Obvious, but if you’re going to talk about biometrics you need to know what you’re talking about.

The days in which an expert could confine themselves to a single biometric modality are long past. Why? Because once you declare yourself an iris expert, someone is bound to ask, “How does iris recognition compare to facial recognition?”

Only some of the Biometrics Institute’s types of biometrics. Full list at https://www.biometricsinstitute.org/what-is-biometrics/types-of-biometrics/

And there are a number of biometric modalities. In addition to face and iris, the Biometrics Institute has cataloged a list of other biometric modalities, including fingerprints/palmprints, voice, DNA, vein, finger/hand geometry, and some more esoteric ones such as gait, keystrokes, and odor. (I wouldn’t want to manage the NIST independent testing for odor.)

As far as I’m concerned, the point isn’t to select the best biometric and ignore all the others. I’m a huge fan of multimodal biometrics, in which a person’s identity is verified or authenticated by multiple biometric types. It’s harder to spoof multiple biometrics than it is to spoof a single one. And even if you spoof two of them, what if the system checks for odor and you haven’t spoofed that one yet?

Topic Two: All the other factors

In the same way that I don’t care for people who select one biometric and ignore the others, I don’t care for some in the “passwo r ds are dead” crowd who go further and say, “Passwords are dead. Use biometrics instead.”

Although I admire the rhyming nature of the phrase.

If you want a robust identity system, you need to use multiple factors in identity verification and authentication.

Something you know.
Something you have.
Something you are (i.e. biometrics).
Something you do.
Somewhere you are.

Again, use of multiple factors protects against spoofing. Maybe someone can create a gummy fingerprint, but can they also create a fake passport AND spoof the city in which you are physically located?

From https://www.youtube.com/shorts/mqfHAc227As

Don’t assume that biometrics answers all the ills of the world. You need other factors.

And if you master these factors, you are not only a biometric content marketing expert, but also an identity content marketing expert.

Topic Three: How biometrics are used

It’s not enough to understand the technical ins and outs of biometric capture, matching, and review. You need to know how biometrics are used.

One-to-one vs. one-to-many. Is the biometric that you acquire only compared to a single biometric samples, or to a database of hundreds, thousands, millions, or billions of other biometric samples?
Markets. When I started in biometrics, I only participated in two markets: law enforcement (catch bad people) and benefits (get benefit payments to the right people). There are many other markets. Just recently I have written about financial identity and educational identity. I’ve worked with about a dozen other markets personally, and there are many more.
Use cases. Related to markets, you need to understand the use cases that biometrics can address. Taking the benefits example, there’s a use case in which a person enrolls for benefits, and the government agency wants to make sure that the person isn’t already enrolled under another name. And there’s a use cases when benefits are paid to make sure that the authorized recipient receives their benefits, and no one else receives their benefits.
Legal and privacy issues. It is imperative that you understand the legal ramifications that affect your chosen biometric use case in your locality. For example, if your house has a doorbell camera that uses “familiar face detection” to identify the faces of people that come to your door, and the people that come to your door are residents of the state of Illinois, you have a BIG BIPA (Biometric Information Privacy Act) problem.

Any identity content marketing expert or biometric content marketing expert worth their salt will understand these and related issues.

Topic Four: Content marketing

This is another Captain Obvious point. If you want to present yourself as a biometric contet marketing expert or identity content marketing expert, you have to have a feel for content marketing.

Here’s how HubSpot defines content marketing:

The definition of content marketing is simple: It’s the process of publishing written and visual material online with the purpose of attracting more leads to your business. These can include blog posts, pages, ebooks, infographics, videos, and more.
From https://blog.hubspot.com/marketing/content-marketing

Here are all the types of content in which one content marketer claims proficiency (as of July 27, 2023, subject to change):

Articles • Battlecards (80+) • Blog Posts (400+) • Briefs/Data/Literature Sheets • Case Studies (12+) • Competitive Analyses • Email Newsletters (200+) • Event/Conference/Trade Show Demonstration Scripts • FAQs • Plans • Playbooks • Presentations • Proposal Templates • Proposals (100+) • Quality Improvement Documents • Requirements • Scientific Book Chapters • Smartphone Application Content • Social Media (Facebook, Instagram, LinkedIn, Threads, TikTok, Twitter) • Strategic Analyses • Web Page Content • White Papers and E-Books
From https://www.linkedin.com/in/jbredehoft/, last updated 7/27/2023.

Now frankly, that list is pretty weak. You’ll notice that it doesn’t include Snapchat.

But content marketers need to be comfortable with creating at least one type of content.

Topic Five: How L-1 Identity Solutions came to be

Yes, an identity content marketing expert needs to thoroughly understand how L-1 Identity Solutions came to be.

I’m only half joking.

Back in the late 1990s and early 2000s (I’ll ignore FpVTE results for a moment), the fingerprint world in which I worked recognized four major vendors: Cogent, NEC, Printrak (later part of Motorola), and Sagem Morpho.

And then there were all these teeny tiny vendors that offered biometric and non-biometric solutions, including the fierce competitors Identix and Digital Biometrics, the fierce competitors Viisage and Visionics, and a bunch of other companies like Iridian.

Wel, there WERE all these teeny tiny vendors.

Until Bob LaPenta bought them all up and combined them into a single company, L-1 Identity Solutions. (LaPenta was one of the “Ls” in L-3, so he chose the name L-1 when he started his own company.)

So around 2008 the Big Four (including a post-FpVTE Motorola) became the Big Five, since L-1 Identity Solutions was now at the table with the big boys.

But then several things happened:

Motorola started selling off parts of itself. One of those parts, its Biometric Business Unit, was purchased by Safran (the company formed after Sagem and Snecma merged). This affected me because I, a Motorola employee, became an employee of MorphoTrak, the subsidiary formed when Sagem Morpho de facto acquired “Printrak” (Motorola’s Biometric Business Unit). So now the Big Five were the Big Four.
Make that the Big Three, because Safran also bought L-1 Identity Solutions, which became MorphoTrust. MorphoTrak and MorphoTrust were separate entities, and in fact competed against each other, so maybe we should say that the Big Four still existed.
Oh, and by the way, the independent company Cogent was acquired by 3M (although NEC considered buying it).
A few years later, 3M sold bits of itself (including the Cogent bit) to Gemalto.
Then in 2017, Advent International (which owned Oberthur) acquired bits of Safran (the “Morpho” part) and merged them with Oberthur to form IDEMIA. As a consequence of this, MorphoTrust de facto acquired MorphoTrak, ending the competition but requiring me to have two separate computers to access the still-separate MorphoTrust and MorphoTrak computer networks. (In passing, I have heard from two sources, but have not confirmed myself, that the possible sale of IDEMIA is on hold.)
And Gemalto was acquired by Thales.

So as of 2023, the Big Three (as characterized by Maxine Most and FindBiometrics) are IDEMIA, NEC, and Thales.

Why do I mention all this? Because all these mergers and acquisitions have resulted in identity practitioners working for a dizzying number of firms.

As of August 2023, I myself have worked for five identity firms, but in reality four of the five are the same firm because the original Printrak International kept on getting acquired (Motorola, Safran, IDEMIA).

And that’s nothing. One of my former Printrak coworkers (R.M.) has also worked for Digital Biometrics (now part of IDEMIA), Cross Match Technologies (now part of ASSA ABLOY), Iridian (now part of IDEMIA), Datastrip, Creative Information Technology, AGNITiO, iTouch Biometrics, NDI Recognition Systems, iProov, and a few other firms here and there.

The point is that everybody knows everybody because everybody has worked with (and against) everybody. And with all the job shifts, it’s a regular Peyton Place.

By ABC Television – eBay itemphoto frontphoto back, Public Domain, https://commons.wikimedia.org/w/index.php?curid=17252688

Not sure which one is me, which one is R.M., and who the other people are.

Do you need an identity content marketing expert today?

Do you need someone who not only knows biometrics and content marketing, but also all the other factors, their uses, and even knows the tangled history of L-1?

Someone who offers:

No identity learning curve?
No content learning curve?
Proven results?

If I can help you create your identity content, contact me.

Email me at john.bredehoft@bredemarket.com.
Book a meeting with me at calendly.com/bredemarket.
Contact me at bredemarket.com/contact/.
Subscribe to my mailing list at http://eepurl.com/hdHIaT.

Iris Recognition, Apple, and Worldcoin

(Part of the biometric product marketing expert series)

Iris recognition continues to make the news. Let’s review what iris recognition is and its benefits (and drawbacks), why Apple made the news last month, and why Worldcoin is making the news this month.

What is iris recognition?

There are a number of biometric modalities that can identify individuals by “who they are” (one of the five factors of authentication). A few examples include fingerprints, faces, voices, and DNA. All of these modalities purport to uniquely (or nearly uniquely) identify an individual.

One other way to identify individuals is via the irises in their eyes. I’m not a doctor, but presumably the Cleveland Clinic employs medical professionals who are qualified to define what the iris is.

The iris is the colored part of your eye. Muscles in your iris control your pupil — the small black opening that lets light into your eye.
From https://my.clevelandclinic.org/health/body/22502-iris

And here’s what else the Cleveland Clinic says about irises.

The color of your iris is like your fingerprint. It’s unique to you, and nobody else in the world has the exact same colored eye.
From https://my.clevelandclinic.org/health/body/22502-iris

John Daugman and irises

But why use irises rather than, say, fingerprints and faces? The best person to answer this is John Daugman. (At this point several of you are intoning, “John Daugman.” With reason. He’s the inventor of iris recognition.)

Here’s an excerpt from John Daugman’s 2004 paper on iris recognition:

(I)ris patterns become interesting as an alternative approach to reliable visual recognition of persons when imaging can be done at distances of less than a meter, and especially when there is a need to search very large databases without incurring any false matches despite a huge number of possibilities. Although small (11 mm) and sometimes problematic to image, the iris has the great mathematical advantage that its pattern variability among different persons is enormous.
Daugman, John, “How Iris Recognition Works.” IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS FOR VIDEO TECHNOLOGY, VOL. 14, NO. 1, JANUARY 2004. Quoted from page 21. (PDF)

Or in non-scientific speak, one benefit of iris recognition is that you know it is accurate, even when submitting a pair of irises in a one-to-many search against a huge database. How huge? We’ll discuss later.

Brandon Mayfield and fingerprints

Remember that Daugman’s paper was released roughly two months before Brandon Mayfield was misidentified in a fingerprint comparison. (Everyone now intone “Brandon Mayfield.”)

From https://mayfieldlaw.weebly.com/about.html

If you want to know the details of that episode, the Department of Justice Office of the Inspector General issued a 330 page report (PDF) on it. If you don’t have time to read 330 pages, here’s Al Jazeera’s shorter version of Brandon Mayfield’s story.

While some of the issues associated with Mayfield’s misidentification had nothing to do with forensic science (Al Jazeera spends some time discussing bias, and Itiel Dror also looked at bias post-Mayfield), this still shows that fingerprints are remarkably similar and that it takes care to properly identify people.

Police agencies, witnesses, and faces

And of course there are recent examples of facial misidentifications (both by police agencies and witnesses), again not necessarily forensic science related, and again showing the similarity of faces from two different people.

Iris “data richness” and independent testing

Why are irises more accurate than fingerprints and faces? Here’s what one vendor, Iris ID, claims about irises vs. other modalities:

At the root of iris recognition’s accuracy is the data-richness of the iris itself. The IrisAccess system captures over 240 degrees of freedom or unique characteristics in formulating its algorithmic template. Fingerprints, facial recognition and hand geometry have far less detailed input in template construction.
Iris ID, “How It Compares.” (Link)

Enough about claims. What about real results? The IREX 10 test, independently administered by the U.S. National Institute of Standards and Technology, measures the identification (one-to-many) accuracy of submitted algorithms. At the time I am writing this, the ten most accurate algorithms provide false negative identification rates (FNIR) between 0.0022 ± 0.0004 and 0.0037 ± 0.0005 when two eyes are used. (Single eye accuracy is lower.) By the time you see this, the top ten algorithms may have changed, because the vendors are always improving.

IREX10 two-eye accuracy, top ten algorithms as of July 28, 2023. (Link)

While the IREX10 one-to-many tests are conducted against databases of less than a million records, it is estimated that iris one-to-many accuracy remains high even with databases of a billion people—something we will return to later in this post.

Iris drawbacks

OK, so if irises are so accurate, why aren’t we dumping our fingerprint readers and face readers and just using irises?

In short, because of the high friction in capturing irises. You can use high-resolution cameras to capture fingerprints and faces from far away, but as of now iris capture usually requires you to get very close to the capture device.

Iris image capture circa 2020 from the U.S. Federal Bureau of Investigation. (Link)

Which I guess is better than the old days when you had to put your eye right up against the capture device, but it’s still not as friendly (or intrusive) as face capture, which can be achieved as you’re walking down a passageway in an airport or sports stadium.

Irises and Apple Vision Pro

So how are irises being used today? You may or may not have hard last month’s hoopla about the Apple Vision Pro, which uses irises for one-to-one authetication.

From Apple, https://www.apple.com/apple-vision-pro/

I’m not going to spend a ton of time delving into this, because I just discussed Apple Vision Pro in June. In fact, I’m just going to quote from what I already said.

And when all of us heard about Vision Pro, one of the things that Apple shared about it was its verification technique. Not Touch ID or Face ID, but Optic ID. (I like naming consistency.)
From https://bredemarket.com/2023/06/12/vision-pro-not-revolutionary-biometrics-event/

From Apple, https://www.apple.com/105/media/us/apple-vision-pro/2023/7e268c13-eb22-493d-a860-f0637bacb569/anim/drawer-privacy-optic-id/large.mp4

In short, as you wear the headset (which by definition is right on your head, not far away), the headset captures your iris images and uses them to authenticate you.

It’s a one-to-one comparison, not the one-to-many comparison that I discussed earlier in this post, but it is used to uniquely identify an individual.

But iris recognition doesn’t have to be used for identification.

Irises and Worldcoin

“But wait a minute, John,” you’re saying. “If you’re not using irises to determine if a person is who they say they are, then why would anyone use irises?”

Enter Worldcoin, which I mentioned in passing in my early July age estimation post.

Over the past several years, I’ve analyzed a variety of identity firms. Earlier this year I took a look at Worldcoin….Worldcoin’s World ID emphasizes privacy so much that it does not conclusively prove a person’s identity (it only proves a person’s uniqueness)…
From https://bredemarket.com/2023/07/03/age-estimation/

That’s the only thing that I’ve said about Worldcoin, at least publicly. (I looked at Worldcoin privately earlier in 2023, but that report is not publicly accessible and even I don’t have it any more.)

Worldcoin’s July 24 announcement

I guess it’s time for me to revisit Worldcoin, since the company made a super-big splashy announcement on Monday, July 24.

From https://worldcoin.org/blog/announcements/worldcoin-project-launches

The Worldcoin Foundation today announced that Worldcoin, a project co-founded by Sam Altman, Alex Blania and Max Novendstern, is now live and in a production-grade state.

The launch includes the release of the World ID SDK and plans to scale Orb operations to 35+ cities across 20+ countries around the world. In tandem, the Foundation’s subsidiary, World Assets Ltd., minted and released the Worldcoin token (WLD) to the millions of eligible people who participated in the beta; WLD is now transactable on the blockchain….

“In the age of AI, the need for proof of personhood is no longer a topic of serious debate; instead, the critical question is whether or not the proof of personhood solutions we have can be privacy-first, decentralized and maximally inclusive,” said Worldcoin co-founder and Tools for Humanity CEO Alex Blania. “Through its unique technology, Worldcoin aims to provide anyone in the world, regardless of background, geography or income, access to the growing digital and global economy in a privacy preserving and decentralized way.”
From https://worldcoin.org/blog/announcements/worldcoin-project-launches

Worldcoin does NOT positively identify people…but it can still pay you

A very important note: Worldcoin’s purpose is not to determine identity (that a person is who they say they are). Worldcoin’s purpose is to determine uniqueness: namely, that a person (whoever they are) is unique among all the billions of people in the world. Once uniqueness is determined, the person can get money money money with an assurance that the same person won’t get money twice.

Recent WLD trading price, from https://coinmarketcap.com/currencies/worldcoin-org/

OK, so how are you going to determine the uniqueness of a person among all of the billions of people in the world?

Using the Orb to capture irises

As far as Worldcoin is concerned, irises are the best way to determine uniqueness, echoing what others have said.

Iris biometrics outperform other biometric modalities and already achieved false match rates beyond 1.2× ⁣10−141.2×10−14 (one false match in one trillion^[9]) two decades ago^[10]—even without recent advancements in AI. This is several orders of magnitude more accurate than the current state of the art in face recognition.
From https://worldcoin.org/blog/engineering/humanness-in-the-age-of-ai

So how is Worldcoin going to capture millions, and eventually billions, of iris pairs?

By using the Orb. (You may intone “the Orb” now.)

To complete your Worldcoin registration, you need to find an Orb that will capture your irises and verify your uniqueness.

Now you probably won’t find an Orb at your nearby 7 Eleven; as I write this, there are only a little over 100 listed locations in the entire world where Orbs are deployed. I happen to live within 50 miles of Santa Monica, where an Orb was recently deployed (by appointment only, unavailable on weekends, and you know how I feel about driving on Southern California freeways on a weekday).

But now that you can get crypto for enrolling at an Orb, people are getting more excited about the process, and there will be wider adoption.

Whether this will make a difference in the world or just be a fad remains to be seen.

Fill Your Company Gap With A Biometric Content Marketing Expert

Companies often have a lot of things they want to do, but don’t have the people to do them. It takes a long time to hire someone, and it even takes time to find a consultant that knows your industry and can do the work.

This affects identity/biometric companies just like it affects other companies. When an identity/biometric company needs a specific type of expertise and needs it NOW, it’s often hard to find the person they need.

If your company needs a biometric content marketing expert (or an identity content marketing expert) NOW, you’ve come to the right place—Bredemarket. Bredemarket has no identity learning curve, no content learning curve, and offers proven results.

Identity/biometric consulting in the 1990s

I remember when I first started working as an identity/biometric consultant, long before Bredemarket was a thing.

By Federal Bureau of Investigation – https://washingtonian.com/2016/11/24/the-fbi-opened-its-crime-lab-here-in-dc-back-in-1932, Public Domain, https://commons.wikimedia.org/w/index.php?curid=128508441

OK, not quite THAT long ago. I started working in biometrics in the 1990s—NOT the 1940s.

In 1994, the proposals department at Printrak International needed additional writers due to the manager’s maternity leave, and she was so valuable that Printrak needed to bring in TWO consultants to take her place.

At least initially, the other consultant and I couldn’t fill the manager’s shoes.

Both of us could write.
Both of us could spell “AFIS.”
Both of us could spell “RAID.” Not the bug spray, but the storage mechanism that stored all those “huge” fingerprint images.
But on that first night that I was cranking out proposal letters for something called a “Latent Station 2000,” I didn’t really know WHAT I was writing about.

As time went on, the other consultant and I learned much more—so much that the company brought both of us on as full-time employees.

After we were hired full-time, we spent a combined 45+ years at Printrak and its corporate successors in proposals, marketing, and product management positions, contributing to industry knowledge.

Here’s an article that the other consultant, Dorothy Bullard, wrote in 2014.
You’ve probably seen more than enough of the stuff that I’ve written over the years, but here’s an old article that quoted me in 2006 about the Motorola-Oracle relationship.

Which shows that learning how to spell “AFIS” can have long-term benefits.

Printrak’s problem

When Printrak needed biometric proposal writing experts quickly, it found two people who filled the bill. Sort of.

But neither of us knew biometrics before we started consuting at Printrak.

And I had never written a proposal before I started consulting at Printrak. (I had written an RFP. Sort of.)

But frankly, there weren’t a lot of identity/biometric consultants out in the field in the 1990s. There were the 20th century equivalents of Applied Forensic Services LLC, but at the time I don’t think there were any 20th century equivalents of Tandem Technical Writing LLC.

Peter Higgins. From https://www.search.org/biometrics-expert-peter-higgins-to-receive-searchs-highest-practitioner-honor/

The 21st century solution

Unlike the 1990s, identity/biometric firms that need consulting help have many options. In addition to Applied Forensic Services and Tandem Technical Writing you have…me.

Mike and Laurel can tell you what they can do, and I heartily endorse both of them.

Let me share with you why I call myself a biometric content marketing expert who can help your identity/biometric company get marketing content out now:

No identity learning curve
No content learning curve
Proven results

No identity learning curve

I have worked with finger, face, iris, DNA, and other biometrics, as well as government-issued identity documents and geolocation. If you are interested, you can read my Bredemarket blog posts that mention the following topics:

No content learning curve

Because I’ve produced both external and internal content on identity/biometric topics, I offer the experience to produce your content in a number of formats.

External content: account-based marketing content, articles, blog posts (I am the identity/biometric blog expert), case studies, data sheets, partner comarketing content, presentations, proposals, sales literature sheets, scientific book chapters, smartphone application content (events), social media posts, web page content, and white papers.
Internal content: battlecards, competitive analyses, demonstration scripts (events), email internal newsletters, FAQs, multi-year plans, playbooks, project plans, proposal templates, quality improvement documents, requirements documents, strategic analyses, and website/social media analyses.

Proven results

Read about them here.

Download

So how can you take advantage of my identity/biometric expertise?

If you need day-one help for an identity/biometric content marketing or proposal writing project, consider Bredemarket.

Send me an email at john.bredehoft@bredemarket.com.
Or go to calendly.com/bredemarket to book a meeting with me.
Or go to bredemarket.com/contact/ to use my contact form.

Why Apple Vision Pro Is a Technological Biometric Advance, but Not a Revolutionary Biometric Event

(Part of the biometric product marketing expert series)

(UPDATE JUNE 24: CORRECTED THE YEAR THAT COVID BEGAN.)

I haven’t said anything publicly about Apple Vision Pro, so it’s time for me to be “how do you do fellow kids” trendy and jump on the bandwagon.

Actually…

It ISN’T time for me to jump on the Apple Vision Pro bandwagon, because while Apple Vision Pro affects the biometric industry, it’s not a REVOLUTIONARY biometric event.

The four revolutionary biometric events in the 21st century

How do I define a “revolutionary biometric event”?

By Alberto Korda – Museo Che Guevara, Havana Cuba, Public Domain, https://commons.wikimedia.org/w/index.php?curid=6816940

I define it as something that completely transforms the biometric industry.

When I mention three of the four revolutionary biometric events in the 21st century, you will understand what I mean.

9/11. After 9/11, orders of biometric devices skyrocketed, and biometrics were incorporated into identity documents such as passports and driver’s licenses. Who knows, maybe someday we’ll actually implement REAL ID in the United States. The latest extension of the REAL ID enforcement date moved it out to May 7, 2025. (Subject to change, of course.)
The Boston Marathon bombings, April 2013. After the bombings, the FBI was challenged in managing and analyzing countless hours of video evidence. Companies such as IDEMIA National Security Solutions, MorphoTrak, Motorola, Paravision, Rank One Computing, and many others have tirelessly worked to address this challenge, while ensuring that facial recognition results accurately identify perpetrators while protecting the privacy of others in the video feeds.
COVID-19, spring 2020 and beyond. COVID accelerated changes that were already taking place in the biometric industry. COVID prioritized mobile, remote, and contactless interactions and forced businesses to address issues that were not as critical previously, such as liveness detection.

These three are cataclysmic world events that had a profound impact on biometrics. The fourth one, which occurred after the Boston Marathon bombings but before COVID, was…an introduction of a product feature.

From Apple, https://support.apple.com/en-us/HT201371

Touch ID, September 2013. When Apple introduced the iPhone 5s, it also introduced a new way to log in to the device. Rather than entering a passcode, iPhone 5S users could just use their finger to log in. The technical accomplishment was dwarfed by the legitimacy that this brought to using fingerprints for identification. Before 2013, attempts to implement fingerprint verification for benefits recipients were resisted because fingerprinting was something that criminals did. After September 2013, fingerprinting was something that the cool Apple kids did. The biometric industry changed overnight.

Of course, Apple followed Touch ID with Face ID, with adherents of the competing biometric modalities sparring over which was better. But Face ID wouldn’t have been accepted as widely if Touch ID hadn’t paved the way.

So why hasn’t iris verification taken off?

Iris verification has been around for decades (I remember Iridian before L-1; it’s now part of IDEMIA), but iris verification is nowhere near as popular in the general population as finger and face verification. There are two reasons for this:

Compared to other biometrics, irises are hard to capture. To capture a fingerprint, you can lay your finger on a capture device, or “slap” your four fingers on a capture device, or even “wave” your fingers across a capture device. Faces are even easier to capture; while older face capture systems required you to stand close to the camera, modern face devices can capture your face as you are walking by the camera, or even if you are some distance from the camera.
Compared to other biometrics, irises are expensive to capture. Many years ago, my then-employer developed a technological marvel, an iris capture device that could accurately capture irises for people of any height. Unfortunately, the technological marvel cost thousands upon thousands of dollars, and no customers were going to use it when they could acquire fingerprint and face capture devices that were much less costly.

So while people rushed to implement finger and face capture on phones and other devices, iris capture was reserved for narrow verticals that required iris accuracy.

With one exception. Samsung incorporated Princeton Identity technology into its Samsung Galaxy S8 in 2017. But the iris security was breached by a “dummy eye” just a month later, in the same way that gummy fingers and face masks have defeated other biometric technologies. (This is why liveness detection is so important.) While Samsung continues to sell iris verification today, it hadn’t been adopted by Apple and therefore wasn’t cool.

Until now.

About the Apple Vision Pro and Optic ID

The Apple Vision Pro is not the first headset that was ever created, but the iPhone wasn’t the first smartphone either. And coming late to the game doesn’t matter. Apple’s visibility among trendsetters ensures that when Apple releases something, people take notice.

And when all of us heard about Vision Pro, one of the things that Apple shared about it was its verification technique. Not Touch ID or Face ID, but Optic ID. (I like naming consistency.)

According to Apple, Optic ID works by analyzing a user’s iris through LED light exposure and then comparing it with an enrolled Optic ID stored on the device’s Secure Enclave….Optic ID will be used for everything from unlocking Vision Pro to using Apple Pay in your own headspace.
From The Verge, https://www.theverge.com/2023/6/5/23750147/apple-optic-id-vision-pro-iris-biometrics

So why did Apple incorporate Optic ID on this device and not the others?

There are multiple reasons, but one key reason is that the Vision Pro retails for US$3,499, which makes it easier for Apple to justify the cost of the iris components.

But the high price of the Vision Pro comes at…a price

However, that high price is also the reason why the Vision Pro is not going to revolutionize the biometric industry. CNET admitted that the Vision Pro is a niche item:

At $3,499, Apple’s Vision Pro costs more than three weeks worth of pay for the average American, according to Bureau of Labor Statistics data. It’s also significantly more expensive than rival devices like the upcoming $500 Meta Quest 3, $550 Sony PlayStation VR 2 and even the $1,000 Meta Quest Pro.
From CNET, https://www.cnet.com/tech/computing/why-apple-vision-pros-3500-price-makes-more-sense-than-you-think/

Now CNET did go on to say the following:

With Vision Pro, Apple is trying to establish what it believes will be the next major evolution of the personal computer. That’s a bigger goal than selling millions of units on launch day, and a shift like that doesn’t happen overnight, no matter what the price is. The version of Vision Pro that Apple launches next year likely isn’t the one that most people will buy.
From CNET, https://www.cnet.com/tech/computing/why-apple-vision-pros-3500-price-makes-more-sense-than-you-think/

Certainly Vision Pro and Optic ID have the potential to revolutionize the computing industry…in the long term. And as that happens, the use of iris biometrics will become more popular with the general public…in the long term.

But not today. You’ll have to wait a little longer for the next biometric revolution. And hopefully it won’t be a catastrophic event like three of the previous revolutions.

How Can Your Identity Business Create the RIGHT Written Content?

Does your identity business provide biometric or non-biometric products and services that use finger, face, iris, DNA, voice, government documents, geolocation, or other factors or modalities?

Does your identity business need written content, such as blog posts (from the identity/biometric blog expert), case studies, data sheets, proposal text, social media posts, or white papers?

How can your identity business (with the help of an identity content marketing expert) create the right written content?

For the answer, click here.